Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":June 3, 2026, 2:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
256161	6.9	警告	マイクロソフト	-	Microsoft Windows の Win32 サブシステム内にある CSRSS における権限昇格の脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-1891	2010-10-6 16:56	2010-09-14	Show	GitHub Exploit DB Packet Storm

256162	9	危険	マイクロソフト	-	Microsoft Windows の LSASS におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-0820	2010-10-6 16:55	2010-09-14	Show	GitHub Exploit DB Packet Storm

256163	9.3	危険	マイクロソフト	-	Microsoft Windows の WordPad Text Converters における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-2563	2010-10-6 16:55	2010-09-14	Show	GitHub Exploit DB Packet Storm

256164	9.3	危険	マイクロソフト	-	Microsoft Windows の RPC クライアント実装における任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-2567	2010-10-6 16:55	2010-09-14	Show	GitHub Exploit DB Packet Storm

256165	6.8	警告	マイクロソフト	-	Windows 上で稼働する Microsoft Internet Information Services におけるアクセス制限を回避される脆弱性	CWE-287 不適切な認証	CVE-2010-2731	2010-10-6 16:54	2010-09-14	Show	GitHub Exploit DB Packet Storm

256166	9.3	危険	マイクロソフト	-	Microsoft Internet Information Services におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-2730	2010-10-5 19:00	2010-09-14	Show	GitHub Exploit DB Packet Storm

256167	4.3	警告	マイクロソフト	-	Microsoft Internet Information Services の ASP 実装におけるサービス運用妨害 (DoS) の脆弱性	CWE-119 バッファエラー	CVE-2010-1899	2010-10-5 18:59	2010-09-14	Show	GitHub Exploit DB Packet Storm

256168	9.3	危険	マイクロソフト	-	Microsoft Outlook におけるヒープベースのバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2010-2728	2010-10-5 18:59	2010-09-14	Show	GitHub Exploit DB Packet Storm

256169	9.3	危険	マイクロソフト	-	Microsoft Windows の USP10.DLL 内の Uniscribe 実装における任意のコードを実行される脆弱性	CWE-20 不適切な入力確認	CVE-2010-2738	2010-10-5 18:58	2010-09-14	Show	GitHub Exploit DB Packet Storm

256170	9.3	危険	マイクロソフト	-	Microsoft Windows の MPEG-4 コーデックにおける任意のコードを実行される脆弱性	CWE-94 コード・インジェクション	CVE-2010-0818	2010-10-5 18:58	2010-09-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:June 3, 2026, 4:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
195051	8.8	HIGH Network	wpdeveloper	simple_301_redirects	The export_data function of the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4 had no capability or nonce checks making it possible for unauthenticated users to export a site's red…	-	CVE-2021-24352	2024-11-21 14:52	2021-06-14	Show	GitHub Exploit DB Packet Storm

195052	6.1	MEDIUM Network	posimyth	the_plus_addons_for_elementor	The theplus_more_post AJAX action of The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.12 did not properly sanitise some of its fields, leading to a reflected Cross-Site Scriptin…	-	CVE-2021-24351	2024-11-21 14:52	2021-06-14	Show	GitHub Exploit DB Packet Storm

195053	6.1	MEDIUM Network	bestwebsoft	visitors_online	The Visitors WordPress plugin through 0.3 is affected by an Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability. The plugin would display the user's user agent string without validation o…	-	CVE-2021-24350	2024-11-21 14:52	2021-06-14	Show	GitHub Exploit DB Packet Storm

195054	6.1	MEDIUM Network	gallery_from_files_project	gallery_from_files	This Gallery from files WordPress plugin through 1.6.0 gives the functionality of uploading images to the server. But filenames are not properly sanitized before being output in an error message when…	-	CVE-2021-24349	2024-11-21 14:52	2021-06-14	Show	GitHub Exploit DB Packet Storm

195055	5.3	MEDIUM Network	posimyth	the_plus_addons_for_elementor	The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.11 did not properly check that a user requesting a password reset was the legitimate user, allowing an attacker to send an arbit…	CWE-287 Improper Authentication	CVE-2021-24359	2024-11-21 14:52	2021-06-14	Show	GitHub Exploit DB Packet Storm

195056	7.2	HIGH Network	wow-estore	side_menu	The menu delete functionality of the Side Menu – add fixed side buttons WordPress plugin before 3.1.5, available to Administrator users takes the did GET parameter and uses it into an SQL statement w…	-	CVE-2021-24348	2024-11-21 14:52	2021-06-14	Show	GitHub Exploit DB Packet Storm

195057	8.8	HIGH Network	smartypantsplugins	sp_project_\&_document_manager	The SP Project & Document Manager WordPress plugin before 4.22 allows users to upload files, however, the plugin attempts to prevent php and other similar files that could be executed on the server f…	-	CVE-2021-24347	2024-11-21 14:52	2021-06-14	Show	GitHub Exploit DB Packet Storm

195058	5.4	MEDIUM Network	stock_in_\&_out_project	stock_in_\&_out	The Stock in & out WordPress plugin through 1.0.4 has a search functionality, the lowest accessible level to it being contributor. The srch POST parameter is not validated, sanitised or escaped befor…	CWE-79 Cross-site Scripting	CVE-2021-24346	2024-11-21 14:52	2021-06-14	Show	GitHub Exploit DB Packet Storm

195059	6.6	MEDIUM Network	sendit_project	sendit	The page lists-management feature of the Sendit WP Newsletter WordPress plugin through 2.5.1, available to Administrator users does not sanitise, validate or escape the id_lista POST parameter before…	-	CVE-2021-24345	2024-11-21 14:52	2021-06-14	Show	GitHub Exploit DB Packet Storm

195060	8.8	HIGH Network	xllentech	english_islamic_calendar	When deleting a date in the Xllentech English Islamic Calendar WordPress plugin before 2.6.8, the year_number and month_number POST parameters are not sanitised, escaped or validated before being use…	-	CVE-2021-24341	2024-11-21 14:52	2021-06-14	Show	GitHub Exploit DB Packet Storm